version: 2 production_env: &production_env environment: - SERVER_HOST=https://server-alpha.offen.dev - OPT_OUT_PIXEL_LOCATION=https://server-alpha.offen.dev/opt-out - OPT_IN_PIXEL_LOCATION=https://server-alpha.offen.dev/opt-in - KMS_HOST=https://kms-alpha.offen.dev - SCRIPT_HOST=https://script-alpha.offen.dev - AUDITORIUM_HOST=https://auditorium-alpha.offen.dev - VAULT_HOST=https://vault-alpha.offen.dev - ACCOUNTS_HOST=https://accounts-alpha.offen.dev - NODE_ENV=production deploy_preconditions: &deploy_preconditions requires: - server - kms - vault - script - auditorium - packages - shared - accounts filters: branches: only: /^master$/ jobs: kms: docker: - image: circleci/golang:1.12 environment: - PORT=8081 working_directory: ~/offen/kms steps: - checkout: path: ~/offen - restore_cache: key: offen-kms-{{ checksum "go.mod" }} - run: name: Download modules command: go mod download - save_cache: paths: - /go/pkg/mod key: offen-kms-{{ checksum "go.mod" }} - run: name: Generate one-off key file command: make bootstrap - run: name: Run tests command: make test-ci server: docker: - image: circleci/golang:1.12 environment: - POSTGRES_CONNECTION_STRING=postgres://circle:test@localhost:5432/circle_test?sslmode=disable - PORT=8080 - image: circleci/postgres:11.2-alpine environment: - POSTGRES_USER=circle - POSTGRES_PASSWORD=test working_directory: ~/offen/server steps: - checkout: path: ~/offen - restore_cache: key: offen-server-{{ checksum "go.mod" }} - run: name: Download modules command: go mod download - save_cache: paths: - /go/pkg/mod key: offen-server-{{ checksum "go.mod" }} - run: name: Waiting for Postgres to be ready command: | for i in `seq 1 10`; do nc -z localhost 5432 && echo Success && exit 0 echo -n . sleep 1 done echo Failed waiting for Postgres && exit 1 - run: name: Run tests command: | cp ~/offen/bootstrap.yml . make test-ci shared: docker: - image: circleci/golang:1.12 working_directory: ~/offen/shared steps: - checkout: path: ~/offen - run: name: Install dependencies command: go get ./... - run: name: Run tests command: make test vault: docker: - image: circleci/node:10-browsers working_directory: ~/offen/vault steps: - checkout: path: ~/offen - restore_cache: key: offen-vault-{{ checksum "package.json" }} - run: name: Install dependencies command: npm install - save_cache: paths: - ~/offen/vault/node_modules key: offen-vault-{{ checksum "package.json" }} - run: name: Run tests command: npm test script: docker: - image: circleci/node:10-browsers working_directory: ~/offen/script steps: - checkout: path: ~/offen - restore_cache: key: offen-script-{{ checksum "package.json" }} - run: name: Install lsof command: sudo apt-get install lsof - run: name: Install dependencies command: npm install - save_cache: paths: - ~/offen/script/node_modules key: offen-script-{{ checksum "package.json" }} - run: name: Run tests command: npm test auditorium: docker: - image: circleci/node:10-browsers working_directory: ~/offen/auditorium steps: - checkout: path: ~/offen - restore_cache: key: offen-auditorium-{{ checksum "package.json" }} - run: name: Install lsof command: sudo apt-get install lsof - run: name: Install dependencies command: npm install - save_cache: paths: - ~/offen/auditorium/node_modules key: offen-auditorium-{{ checksum "package.json" }} - run: name: Run tests command: npm test packages: docker: - image: circleci/node:10-browsers working_directory: ~/offen/packages steps: - checkout: path: ~/offen - restore_cache: key: offen-packages-{{ checksum "package.json" }} - run: name: Install lsof command: sudo apt-get install lsof - run: name: Install dependencies command: npm install - save_cache: paths: - ~/offen/packages/node_modules key: offen-packages-{{ checksum "package.json" }} - run: name: Run tests command: npm test accounts: docker: - image: circleci/python:3.6 environment: POSTGRES_CONNECTION_STRING: postgres://circle:test@localhost:5432/circle_test?sslmode=disable HASHED_PASSWORD: JDJhJDEwJGpFRXJMOVVSQndZQlFQNjkxallkZi53aGp1cDMvRW5maGUvakZleG1pWFlnWEVXcU93ODBp JWT_PRIVATE_KEY: |- -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzgU18PnRrpbVK LU4EewU476arjLeMAXoxQAvrufvnwAGlrvnuh+TE7z7R3KslOyP0m3bTMaNyn2la DFz0ERR8KFA3rbUUDLG8QAUomm6X2WNbZJqFG/ORBWyEWy/bvNEbCTtF8K09v6HT PcNzpSrzN8MK/xsIXnMTa/acftbfD3jnb1KFNWaSUKgEM9OL8NSW8PpqTf+le/+R 0Dwhd4vNnELpobKY3tvhxjvlQmbZA6vRrOoWfWbKXuS/7B7CWXWEhXPTbcJPcKPt zlkpJGlrcHgvTBorM/lBZw7zrmfUcJROdX6ziU1ymEENkKtLBORedWdBZU8Ivuyy hDIzS7cdAgMBAAECggEAVReXfq0wjRMJhHdDg5Y5nIrmbG4RWFoe7ZfZzs3kXzDC 1yLCMdPTm5N6KQu9SbHmUn8b7fOa8qwkyd4QdlZeapjFpg8/RpjZ7E5A48WJZYxU sC9ZnH3qkTWMApYjcrvoODPBGF+GED52XOfrbje+y3sEh4L08purW2qThg4Ol8A2 +lqh7W0DCAYV9BG4jFo0QyJRsXa88JIxVS2gSbuegDyHwRTtPq0ZH+vqUEsJti0c G60hwcl0v9eRbJk/e9lzhKFKnf4/ReRAX9pUyyIb7za3vhYwDmjglgZ+Ax4HhkPK SR8KjqX5hQ2nOtDmxkxEO1QF5Qm99VLlZyo55vdJYQKBgQDomtQ7jwc41JM9naZC 1agGjJamZAtfDf/00KQILWplaDCDEyue9A1iSnu7yNLX4VOjsKhfvugARwz2pOrw PkOYasurM+P16qNkyfyVUilC/QoOcm5UjsCy/wAViwYFG8hZGBj+jPELqPglSdr4 m2FPTFOmtQDzB7EOk9Mzaic26QKBgQDFjz96/3OAC2dBdjQz7zXKHYPPo2gXqS76 3UOX2u+S43jJGEEKLdWa34qO6KrnnUsivyvEyF2/5H6n8Dc2Xj0LBdO67wyzbtFM dI9RiQ3DqTBbebmrkSdIaTBAGu1VtSCzBKUqckkM3lLSHhJBg0XrURGdqro28nhZ uSQ8EzzGFQKBgQCCiVlvrz3jU9Dp9E45FcR9IGrvKBgFmUq6bliPykT6cfU/qgOB 6f6U2a4E3ZgN1QNmSp7DVNTISxdoV3cNqjOvFsgD5VQaTzqxNnXMqtZDJNR+9RMb 2x0jlt3KOUIAne3aqh5kxF4GKCZSbtc3S6PZp8EOPmgw+3EO+EC/iuRE+QKBgHIW uqs2UKY2b6ffMmB3mVGiX9eOX3OikW3wT7OnjMkAMmW3awAM3hl1VNgYx3HAZX6o dgdLStChjP9A+zGblJcEA3Ulzejla1tCyO1mP5up3jJFhpLs3Ym0rVen9T2Uv1CC sztjCoqy7ZNIKHTK8Zrmk0zBJo7K0fPGtoU2+tbNAoGAc2x7cW8y9ERRJg8FSWj0 ADPUPzsW3Bu76U0oVEXg66d3+D9z8LBVhBYjL/+tJWADapePnye+gpqzd4kGFeV4 q49Qz5hhZUzsUl2iOURQLUnI2g0AINiMIVL5EkZtdD+Au65+AaYL7YEsXmKcLXHX coEomAoy102k4A6WsM2bKf4= -----END PRIVATE KEY----- JWT_PUBLIC_KEY: |- -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4FNfD50a6W1Si1OBHsF OO+mq4y3jAF6MUAL67n758ABpa757ofkxO8+0dyrJTsj9Jt20zGjcp9pWgxc9BEU fChQN621FAyxvEAFKJpul9ljW2SahRvzkQVshFsv27zRGwk7RfCtPb+h0z3Dc6Uq 8zfDCv8bCF5zE2v2nH7W3w94529ShTVmklCoBDPTi/DUlvD6ak3/pXv/kdA8IXeL zZxC6aGymN7b4cY75UJm2QOr0azqFn1myl7kv+wewll1hIVz023CT3Cj7c5ZKSRp a3B4L0waKzP5QWcO865n1HCUTnV+s4lNcphBDZCrSwTkXnVnQWVPCL7ssoQyM0u3 HQIDAQAB -----END PUBLIC KEY----- - image: circleci/postgres:11.2-alpine environment: - POSTGRES_USER=circle - POSTGRES_PASSWORD=test working_directory: ~/offen/accounts steps: - checkout: path: ~/offen - restore_cache: key: offen-accounts-{{ checksum "requirements.txt" }}-{{ checksum "requirements-dev.txt" }} - run: name: Install dependencies command: | python3 -m venv venv . venv/bin/activate pip install -r requirements.txt pip install -r requirements-dev.txt - save_cache: paths: - ~/offen/accounts/venv key: offen-accounts-{{ checksum "requirements.txt" }}-{{ checksum "requirements-dev.txt" }} - run: name: Waiting for Postgres to be ready command: | for i in `seq 1 10`; do nc -z localhost 5432 && echo Success && exit 0 echo -n . sleep 1 done echo Failed waiting for Postgres && exit 1 - run: name: Run tests command: | . venv/bin/activate cp ~/offen/bootstrap.yml . make test-ci deploy_python: docker: - image: circleci/python:3.6-node <<: *production_env working_directory: ~/offen steps: - checkout: path: ~/offen - restore_cache: key: offen-deploy-{{ checksum "package.json" }} - run: name: Install dependencies command: npm install - run: name: Install psycopg2 dependencies command: sudo apt-get install libpq-dev - save_cache: paths: - ~/offen/packages/node_modules key: offen-packages-{{ checksum "package.json" }} - run: name: Deploy working_directory: ~/offen/accounts command: | echo "Deploying accounts ..." $(npm bin)/sls deploy deploy_golang: docker: - image: circleci/golang:1.12-node <<: *production_env working_directory: ~/offen steps: - checkout: path: ~/offen - restore_cache: key: offen-deploy-{{ checksum "package.json" }} - run: name: Install dependencies command: npm install - save_cache: paths: - ~/offen/packages/node_modules key: offen-packages-{{ checksum "package.json" }} - restore_cache: key: offen-server-{{ checksum "server/go.mod" }} - run: name: Build server service working_directory: ~/offen/server command: make build - run: name: Manually clear go cache command: sudo rm -rf /go/pkg/mod - restore_cache: key: offen-kms-{{ checksum "kms/go.mod" }} - run: name: Build kms service working_directory: ~/offen/kms command: make build - run: name: Manually clear go cache command: sudo rm -rf /go/pkg/mod - run: name: Deploy working_directory: ~/offen command: | echo "Deploying server ..." $(npm bin)/sls deploy --config server/serverless.yml echo "Deploying kms ..." $(npm bin)/sls deploy --config kms/serverless.yml deploy_node: docker: - image: circleci/node:10 <<: *production_env working_directory: ~/offen steps: - checkout: path: ~/offen - restore_cache: key: offen-deploy-{{ checksum "package.json" }} - run: name: Install dependencies command: npm install - save_cache: paths: - ~/offen/packages/node_modules key: offen-packages-{{ checksum "package.json" }} - restore_cache: key: offen-auditorium-{{ checksum "auditorium/package.json" }} - run: name: Build auditorium service working_directory: ~/offen/auditorium command: npm run build - restore_cache: key: offen-script-{{ checksum "script/package.json" }} - run: name: Build script service working_directory: ~/offen/script command: npm run build - restore_cache: key: offen-vault-{{ checksum "vault/package.json" }} - run: name: Build vault service working_directory: ~/offen/vault command: npm run build - run: name: Deploy working_directory: ~/offen command: | echo "Deploying auditorium ..." $(npm bin)/sls deploy --config auditorium/serverless.yml $(npm bin)/sls client deploy --config auditorium/serverless.yml --no-confirm echo "Deploying script ..." $(npm bin)/sls deploy --config script/serverless.yml $(npm bin)/sls client deploy --config script/serverless.yml --no-confirm echo "Deploying vault ..." $(npm bin)/sls deploy --config vault/serverless.yml $(npm bin)/sls client deploy --config vault/serverless.yml --no-confirm workflows: version: 2 test_build_deploy: jobs: - server - kms - vault - script - auditorium - packages - shared - accounts - deploy_golang: <<: *deploy_preconditions - deploy_node: <<: *deploy_preconditions - deploy_python: <<: *deploy_preconditions